var jwt = require('jsonwebtoken');

var secret = "P@assw0rd";
// var secret = "P@assw0rd1"; // 错误秘钥

// 解码校验token
var token2 = `eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJKb2UifQ.Wsc9_WmrHD921NORU6jUX2mXTh8dznvVpzIKLpdfUCU6iXLxxIWI_kfdbI7bzyPKWYdr9yWdxOdcUC756TCvZw`;
try {
    var decoded = jwt.verify(token2, secret);
    console.log(decoded);
} catch (err) {
    console.log(err);
}

// 生成token
var token = jwt.sign({ foo: 'bar' }, secret);

console.log(token);
